From d5caf22d8c4f1509fed7cb5e3ef5237e24c677fd Mon Sep 17 00:00:00 2001
From: Satsuki Yanagi <17376330+u1-liquid@users.noreply.github.com>
Date: Fri, 5 Jul 2019 07:45:00 +0900
Subject: Update Emojis immediately (#5106)

---
 src/server/api/endpoints/admin/emoji/add.ts    | 3 +++
 src/server/api/endpoints/admin/emoji/remove.ts | 3 +++
 src/server/api/endpoints/admin/emoji/update.ts | 3 +++
 src/server/api/endpoints/meta.ts               | 2 +-
 4 files changed, 10 insertions(+), 1 deletion(-)

(limited to 'src/server/api')

diff --git a/src/server/api/endpoints/admin/emoji/add.ts b/src/server/api/endpoints/admin/emoji/add.ts
index c26e8dd04d..5ba00afde8 100644
--- a/src/server/api/endpoints/admin/emoji/add.ts
+++ b/src/server/api/endpoints/admin/emoji/add.ts
@@ -3,6 +3,7 @@ import define from '../../../define';
 import { detectUrlMine } from '../../../../../misc/detect-url-mine';
 import { Emojis } from '../../../../../models';
 import { genId } from '../../../../../misc/gen-id';
+import { getConnection } from 'typeorm';
 
 export const meta = {
 	desc: {
@@ -43,6 +44,8 @@ export default define(meta, async (ps) => {
 		type,
 	});
 
+	await getConnection().queryResultCache!.remove(['meta_emojis']);
+
 	return {
 		id: emoji.id
 	};
diff --git a/src/server/api/endpoints/admin/emoji/remove.ts b/src/server/api/endpoints/admin/emoji/remove.ts
index 316834b884..3ebf933bc6 100644
--- a/src/server/api/endpoints/admin/emoji/remove.ts
+++ b/src/server/api/endpoints/admin/emoji/remove.ts
@@ -2,6 +2,7 @@ import $ from 'cafy';
 import define from '../../../define';
 import { ID } from '../../../../../misc/cafy-id';
 import { Emojis } from '../../../../../models';
+import { getConnection } from 'typeorm';
 
 export const meta = {
 	desc: {
@@ -26,4 +27,6 @@ export default define(meta, async (ps) => {
 	if (emoji == null) throw new Error('emoji not found');
 
 	await Emojis.delete(emoji.id);
+
+	await getConnection().queryResultCache!.remove(['meta_emojis']);
 });
diff --git a/src/server/api/endpoints/admin/emoji/update.ts b/src/server/api/endpoints/admin/emoji/update.ts
index 48b4a4ee23..f8bc638fcf 100644
--- a/src/server/api/endpoints/admin/emoji/update.ts
+++ b/src/server/api/endpoints/admin/emoji/update.ts
@@ -3,6 +3,7 @@ import define from '../../../define';
 import { detectUrlMine } from '../../../../../misc/detect-url-mine';
 import { ID } from '../../../../../misc/cafy-id';
 import { Emojis } from '../../../../../models';
+import { getConnection } from 'typeorm';
 
 export const meta = {
 	desc: {
@@ -47,4 +48,6 @@ export default define(meta, async (ps) => {
 		url: ps.url,
 		type,
 	});
+
+	await getConnection().queryResultCache!.remove(['meta_emojis']);
 });
diff --git a/src/server/api/endpoints/meta.ts b/src/server/api/endpoints/meta.ts
index a3390a011d..a754a885ab 100644
--- a/src/server/api/endpoints/meta.ts
+++ b/src/server/api/endpoints/meta.ts
@@ -95,7 +95,7 @@ export const meta = {
 export default define(meta, async (ps, me) => {
 	const instance = await fetchMeta(true);
 
-	const emojis = await Emojis.find({ where: { host: null }, cache: 3600000 }); // 1 hour
+	const emojis = await Emojis.find({ where: { host: null }, cache: { id: 'meta_emojis', milliseconds: 3600000 } }); // 1 hour
 
 	const response: any = {
 		maintainerName: instance.maintainerName,
-- 
cgit v1.2.3-freya


From 114523e69e30a90bc7bc043254cfc89e3a523c46 Mon Sep 17 00:00:00 2001
From: Satsuki Yanagi <17376330+u1-liquid@users.noreply.github.com>
Date: Fri, 5 Jul 2019 07:48:12 +0900
Subject: Fix WebAuthn login (#5103)

---
 src/client/app/common/views/components/signin.vue | 16 ++++--
 src/server/api/endpoints/i/2fa/getkeys.ts         | 67 -----------------------
 src/server/api/private/signin.ts                  | 42 +++++++++++++-
 3 files changed, 51 insertions(+), 74 deletions(-)
 delete mode 100644 src/server/api/endpoints/i/2fa/getkeys.ts

(limited to 'src/server/api')

diff --git a/src/client/app/common/views/components/signin.vue b/src/client/app/common/views/components/signin.vue
index 53cc62c333..8498a1dc3e 100644
--- a/src/client/app/common/views/components/signin.vue
+++ b/src/client/app/common/views/components/signin.vue
@@ -107,9 +107,8 @@ export default Vue.extend({
 					})),
 					timeout: 60 * 1000
 				}
-			}).catch(err => {
+			}).catch(() => {
 				this.queryingKey = false;
-				console.warn(err);
 				return Promise.reject(null);
 			}).then(credential => {
 				this.queryingKey = false;
@@ -127,8 +126,7 @@ export default Vue.extend({
 				localStorage.setItem('i', res.i);
 				location.reload();
 			}).catch(err => {
-				if(err === null) return;
-				console.error(err);
+				if (err === null) return;
 				this.$root.dialog({
 					type: 'error',
 					text: this.$t('login-failed')
@@ -142,7 +140,7 @@ export default Vue.extend({
 
 			if (!this.totpLogin && this.user && this.user.twoFactorEnabled) {
 				if (window.PublicKeyCredential && this.user.securityKeys) {
-					this.$root.api('i/2fa/getkeys', {
+					this.$root.api('signin', {
 						username: this.username,
 						password: this.password
 					}).then(res => {
@@ -150,6 +148,14 @@ export default Vue.extend({
 						this.signing = false;
 						this.challengeData = res;
 						return this.queryKey();
+					}).catch(() => {
+						this.$root.dialog({
+							type: 'error',
+							text: this.$t('login-failed')
+						});
+						this.challengeData = null;
+						this.totpLogin = false;
+						this.signing = false;
 					});
 				} else {
 					this.totpLogin = true;
diff --git a/src/server/api/endpoints/i/2fa/getkeys.ts b/src/server/api/endpoints/i/2fa/getkeys.ts
deleted file mode 100644
index bb1585d795..0000000000
--- a/src/server/api/endpoints/i/2fa/getkeys.ts
+++ /dev/null
@@ -1,67 +0,0 @@
-import $ from 'cafy';
-import * as bcrypt from 'bcryptjs';
-import * as crypto from 'crypto';
-import define from '../../../define';
-import { UserProfiles, UserSecurityKeys, AttestationChallenges } from '../../../../../models';
-import { ensure } from '../../../../../prelude/ensure';
-import { promisify } from 'util';
-import { hash } from '../../../2fa';
-import { genId } from '../../../../../misc/gen-id';
-
-export const meta = {
-	requireCredential: true,
-
-	secure: true,
-
-	params: {
-		password: {
-			validator: $.str
-		}
-	}
-};
-
-const randomBytes = promisify(crypto.randomBytes);
-
-export default define(meta, async (ps, user) => {
-	const profile = await UserProfiles.findOne(user.id).then(ensure);
-
-	// Compare password
-	const same = await bcrypt.compare(ps.password, profile.password!);
-
-	if (!same) {
-		throw new Error('incorrect password');
-	}
-
-	const keys = await UserSecurityKeys.find({
-		userId: user.id
-	});
-
-	if (keys.length === 0) {
-		throw new Error('no keys found');
-	}
-
-	// 32 byte challenge
-	const entropy = await randomBytes(32);
-	const challenge = entropy.toString('base64')
-		.replace(/=/g, '')
-		.replace(/\+/g, '-')
-		.replace(/\//g, '_');
-
-	const challengeId = genId();
-
-	await AttestationChallenges.save({
-		userId: user.id,
-		id: challengeId,
-		challenge: hash(Buffer.from(challenge, 'utf-8')).toString('hex'),
-		createdAt: new Date(),
-		registrationChallenge: false
-	});
-
-	return {
-		challenge,
-		challengeId,
-		securityKeys: keys.map(key => ({
-			id: key.id
-		}))
-	};
-});
diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts
index cd9fe5bb9d..bc9346d088 100644
--- a/src/server/api/private/signin.ts
+++ b/src/server/api/private/signin.ts
@@ -9,6 +9,7 @@ import { ILocalUser } from '../../../models/entities/user';
 import { genId } from '../../../misc/gen-id';
 import { ensure } from '../../../prelude/ensure';
 import { verifyLogin, hash } from '../2fa';
+import { randomBytes } from 'crypto';
 
 export default async (ctx: Koa.BaseContext) => {
 	ctx.set('Access-Control-Allow-Origin', config.url);
@@ -99,7 +100,7 @@ export default async (ctx: Koa.BaseContext) => {
 			});
 			return;
 		}
-	} else {
+	} else if (body.credentialId) {
 		const clientDataJSON = Buffer.from(body.clientDataJSON, 'hex');
 		const clientData = JSON.parse(clientDataJSON.toString('utf-8'));
 		const challenge = await AttestationChallenges.findOne({
@@ -131,7 +132,7 @@ export default async (ctx: Koa.BaseContext) => {
 		const securityKey = await UserSecurityKeys.findOne({
 			id: Buffer.from(
 				body.credentialId
-					.replace(/\-/g, '+')
+					.replace(/-/g, '+')
 					.replace(/_/g, '/'),
 					'base64'
 			).toString('hex')
@@ -161,7 +162,44 @@ export default async (ctx: Koa.BaseContext) => {
 			});
 			return;
 		}
+	} else {
+		const keys = await UserSecurityKeys.find({
+			userId: user.id
+		});
+
+		if (keys.length === 0) {
+			await fail(403, {
+				error: 'no keys found'
+			});
+		}
+
+		// 32 byte challenge
+		const challenge = randomBytes(32).toString('base64')
+			.replace(/=/g, '')
+			.replace(/\+/g, '-')
+			.replace(/\//g, '_');
+
+		const challengeId = genId();
+
+		await AttestationChallenges.save({
+			userId: user.id,
+			id: challengeId,
+			challenge: hash(Buffer.from(challenge, 'utf-8')).toString('hex'),
+			createdAt: new Date(),
+			registrationChallenge: false
+		});
+
+		ctx.body = {
+			challenge,
+			challengeId,
+			securityKeys: keys.map(key => ({
+				id: key.id
+			}))
+		};
+		ctx.status = 200;
+		return;
 	}
 
 	await fail();
+	return;
 };
-- 
cgit v1.2.3-freya


From 6a53ccf814adfbb894551c7a74866c7fc34a0182 Mon Sep 17 00:00:00 2001
From: Satsuki Yanagi <17376330+u1-liquid@users.noreply.github.com>
Date: Fri, 5 Jul 2019 08:43:56 +0900
Subject: ハッシュタグのトレンドの計算を5分単位で丸める (#5107)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/server/api/endpoints/hashtags/trend.ts | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'src/server/api')

diff --git a/src/server/api/endpoints/hashtags/trend.ts b/src/server/api/endpoints/hashtags/trend.ts
index 3154461e5a..a004732f81 100644
--- a/src/server/api/endpoints/hashtags/trend.ts
+++ b/src/server/api/endpoints/hashtags/trend.ts
@@ -54,8 +54,11 @@ export default define(meta, async () => {
 	const instance = await fetchMeta(true);
 	const hiddenTags = instance.hiddenTags.map(t => t.toLowerCase());
 
+	const now = new Date(); // 5分単位で丸めた現在日時
+	now.setMinutes(Math.round(now.getMinutes() / 5) * 5, 0, 0);
+
 	const tagNotes = await Notes.createQueryBuilder('note')
-		.where(`note.createdAt > :date`, { date: new Date(Date.now() - rangeA) })
+		.where(`note.createdAt > :date`, { date: new Date(now.getTime() - rangeA) })
 		.andWhere(`note.tags != '{}'`)
 		.select(['note.tags', 'note.userId'])
 		.cache(60000) // 1 min
@@ -106,8 +109,8 @@ export default define(meta, async () => {
 		countPromises.push(Promise.all(hots.map(tag => Notes.createQueryBuilder('note')
 			.select('count(distinct note.userId)')
 			.where(':tag = ANY(note.tags)', { tag: tag })
-			.andWhere('note.createdAt < :lt', { lt: new Date(Date.now() - (interval * i)) })
-			.andWhere('note.createdAt > :gt', { gt: new Date(Date.now() - (interval * (i + 1))) })
+			.andWhere('note.createdAt < :lt', { lt: new Date(now.getTime() - (interval * i)) })
+			.andWhere('note.createdAt > :gt', { gt: new Date(now.getTime() - (interval * (i + 1))) })
 			.cache(60000) // 1 min
 			.getRawOne()
 			.then(x => parseInt(x.count, 10))
@@ -119,7 +122,7 @@ export default define(meta, async () => {
 	const totalCounts = await Promise.all(hots.map(tag => Notes.createQueryBuilder('note')
 		.select('count(distinct note.userId)')
 		.where(':tag = ANY(note.tags)', { tag: tag })
-		.andWhere('note.createdAt > :gt', { gt: new Date(Date.now() - (interval * range)) })
+		.andWhere('note.createdAt > :gt', { gt: new Date(now.getTime() - (interval * range)) })
 		.cache(60000) // 1 min
 		.getRawOne()
 		.then(x => parseInt(x.count, 10))
-- 
cgit v1.2.3-freya